Home | Latest News | Popular News | Our Network | About | Contact
SecurityPhresh - News that keeps you ahead of others!
Popular Security News
See More
Latest Security News
Stick A Fork In SGX, Its Done: Intels Cloud-server Security Defeated By $30 Chip And Electrical Shenanigans
12 days ago from The Register
VoltPillager breaks enclave confidentiality, calling rogue data-center operator promises into question Boffins at the University of Birmingham in the UK have developed yet another way to compromise the confidentiality of Intels Software...
Texas Senator Suggests Its Too Soon To Declare Biden The Winner Because Puerto Rico Is Still Counting Votes
12 days ago from Yahoo News
The Senate Republicans who have not conceded publicly that President-elect Joe Biden won the 2020 election argue that President Trump has the right to challenge the results in court, or point out that the vote totals havent been certified...
Teen Facing Death Penalty After Being Accused Of Murdering Five Relatives Has Shown ‘no Remorse’
12 days ago from Yahoo News
‘He has not shown any sign of remorse. While in detention, he has not talked about his family at all,’ probation officer says
20 Million Americans Will Get A COVID Vaccine This Year, Administration Says
12 days ago from Yahoo News
The Trump administration promised that 20 million Americans would receive a COVID-19 vaccine by the end of the year.
It Just Got Harder For Immigrants: The U.S. Naturalization Test Is About To Change
12 days ago from Yahoo News
U.S. legal permanent residents who apply for citizenship through naturalization on or after Dec. 1, 2020, will face a more challenging test — in which immigrants must prove they can read, write and speak basic English, and have essential...
See More
Latest News from Research Labs
Google Patches Two New Zero‑day Flaws In Chrome
13 days ago from ESET Research
The last three weeks have seen a bumper crop of patches for zero-day bugs across software from Google, Apple and Microsoft The post Google patches two new zero‑day flaws in Chrome appeared first on WeLiveSecurity
Hungry For Data, ModPipe Backdoor Hits POS Software Used In Hospitality Sector
14 days ago from ESET Research
Backdoor authors show deep knowledge of the targeted POS software, decrypting database passwords from Windows registry values The post Hungry for data, ModPipe backdoor hits POS software used in hospitality sector appeared first on...
Microsoft Patch Tuesday Fixes 17 Critical Flaws, Windows Zero‑day
14 days ago from ESET Research
The second Tuesday of the month brings another fresh batch of fixes for security vulnerabilities in various Microsoft products The post Microsoft Patch Tuesday fixes 17 critical flaws, Windows zero‑day appeared first on...
Why You Should Keep Your Netflix Password To Yourself
15 days ago from ESET Research
Sharing is caring – except when it isn’t. Here’s why you shouldn’t share your password for online media services with other people. The post Why you should keep your Netflix password to yourself appeared first on WeLiveSecurity
Patch Tuesday, November 2020 Edition
15 days ago from Krebsonsecurity
Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsofts release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to...
See More
Latest Security Videos & Podcasts
Efficiency Of The Vulnerability Response With VFeed Intelligence
2 months ago from ToolsWatch
This paper is based on the report from Ponemon Institute “Costs and Consequences of Gaps in Vulnerability Response”. vFeed, Inc outlined the most significant outcomes and mapped them with the data...[[ This is a content summary only....
What’s Wrong With WebSocket APIs - Unveiling Vulnerabilities In WebSocket APIs - Mikhail Egorov
8 months ago from DeepSec
WebSocket protocol is many times more efficient than HTTP. In recent years we can observe that developers tend to implement functionality in the form of WebSocket APIs instead of traditional REST APIs, that use HTTP. Modern technologies...
What Has Data Science Got To Do With It - Thordis Thorsteins
8 months ago from DeepSec
In this talk I want to shed some light on data science’s place within security. You can expect to learn how to see through common data science jargon that’s used in the industry, as well as to get a high level understanding of what’s...
Well, That Escalated Quickly - A Penetration Testers Approach To Windows Privilege Escalation - Khalil Bijjou
8 months ago from DeepSec
Companies engage security experts to penetrate their infrastructures and systems in order to find vulnerabilities before malicious persons do. During these penetration tests, security experts often encounter Windows endpoints or servers...
The Turtle Gone Ninja - Investigation Of An Unusual Crypto-Mining Campaign - Ophir Harpaz And Daniel Goldberg
8 months ago from DeepSec
At first sight, Nansh0u is yet another attack campaign aiming to mine a marginal crypto-currency named TurtleCoin. However, things get much more interesting once you gain full access to the attacker’s infrastructure. Our investigation...
See More
Latest Security Papers & Presentations
Typo 1: VulnHub CTF Walkthrough (part 2)
one month ago from InfoSec
Introduction In the previous article, Part 1 of this CTF, we were able to complete the following steps on the victim machine: Getting the target machine IP address by running the VM Getting open port details by using the Nmap tool Enumerating...
Reactive Vs. Proactive Security: Three Benefits Of A Proactive Cybersecurity Strategy
one month ago from InfoSec
Introduction  I’ve been writing cybersecurity articles for many years, and in that time, I have only seen increasingly complex security threats. Cybercriminals take their craft seriously. They treat cybercrime as a business, looking...
Brand Impersonation Attacks Targeting SMB Organizations
one month ago from InfoSec
Introduction Building and maintaining a brand is an important part of a successful business. Having a recognized brand confers recognition, and if done well, provides a way of developing trust between customers and company. Brand trust...
How To Use The NICE Cybersecurity Workforce Framework To Plan Career Progression: A Practitioners’ Guide
one month ago from InfoSec
Introduction: An overview of the NICE Cybersecurity Workforce Framework In 2017, the National Institute of Standards and Technology (NIST) published Special Publication 800-181, the NICE Cybersecurity Workforce Framework (or NICE Framework);...
2020 Verizon Data Breach Investigations Report: Summary And Key Findings For Security Professionals
one month ago from InfoSec
Introduction The Verizon Data Breach Investigations Report, or the Verizon Data Breach Report, is an annual report intended for information security professionals. It summarizes 3,950 confirmed data breaches and is a collection of work...
See More